Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
63ea6a56 by Salvatore Bonaccorso at 2021-11-09T22:13:59+01:00
Track fixed version for samba via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2813,7 +2813,7 @@ CVE-2021-3895
CVE-2021-23192 [dcerpc requests don't check all fragments against the first
auth_state]
RESERVED
{DSA-5003-1}
- - samba <unfixed>
+ - samba 2:4.13.14+dfsg-1
[buster] - samba <not-affected> (Vulnerable code introduced later)
[stretch] - samba <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14875
@@ -10131,7 +10131,7 @@ CVE-2021-40146 (A Remote Code Execution (RCE)
vulnerability was discovered in th
CVE-2021-3738 [crash in dsdb stack]
RESERVED
{DSA-5003-1}
- - samba <unfixed>
+ - samba 2:4.13.14+dfsg-1
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14468
NOTE: https://www.samba.org/samba/security/CVE-2021-3738.html
CVE-2021-3737 [client can enter an infinite loop on a 100 Continue response
from the server]
@@ -76905,14 +76905,14 @@ CVE-2020-25723 (A reachable assertion issue was found
in the USB EHCI emulation
CVE-2020-25722 [AD DC UPN vs samAccountName not checked]
RESERVED
{DSA-5003-1}
- - samba <unfixed>
+ - samba 2:4.13.14+dfsg-1
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14564
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
NOTE: https://www.samba.org/samba/security/CVE-2020-25722.html
CVE-2020-25721 [[Kerberos acceptors need easy access to stable AD identifiers
(eg objectSid)]
RESERVED
{DSA-5003-1}
- - samba <unfixed>
+ - samba 2:4.13.14+dfsg-1
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14557
NOTE: https://www.samba.org/samba/security/CVE-2020-25721.html
@@ -76921,21 +76921,21 @@ CVE-2020-25720
CVE-2020-25719 [AD DC Username based races when no PAC is given]
RESERVED
{DSA-5003-1}
- - samba <unfixed>
+ - samba 2:4.13.14+dfsg-1
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14561
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
NOTE: https://www.samba.org/samba/security/CVE-2020-25719.html
CVE-2020-25718 [An RODC can issue (forge) administrator tickets to other
servers]
RESERVED
{DSA-5003-1}
- - samba <unfixed>
+ - samba 2:4.13.14+dfsg-1
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14558
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
NOTE: https://www.samba.org/samba/security/CVE-2020-25718.html
CVE-2020-25717 [A user on the domain can become root on domain members]
RESERVED
{DSA-5003-1}
- - samba <unfixed>
+ - samba 2:4.13.14+dfsg-1
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14556
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
NOTE: https://www.samba.org/samba/security/CVE-2020-25717.html
@@ -328205,7 +328205,7 @@ CVE-2016-2125 (It was found that Samba before
versions 4.5.3, 4.4.8, 4.3.13 alwa
CVE-2016-2124 [SMB1 client connections can be downgraded to plaintext
authentication]
RESERVED
{DSA-5003-1}
- - samba <unfixed>
+ - samba 2:4.13.14+dfsg-1
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=12444
NOTE: https://www.samba.org/samba/security/CVE-2016-2124.html
CVE-2016-2123 (A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba
routine n ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/63ea6a569fbf5d714d7de45f080e34d55ac0d1e9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/63ea6a569fbf5d714d7de45f080e34d55ac0d1e9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
